API Request is Blocked by Cloudflare (Likely Cloudflare's DDoS Protection) if Made from GitHub Action

Open vnphanquang opened this issue 2 years ago • 10 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Current Behavior

The public API is all good if the request is made by end users themselves (Postman, browser, local dev, ...) but is blocked with a 503 response status ("Service Temporarily Unavailable") by Cloudflare if made from a GitHub Action. The response body is an HTML page that renders to this:

[image: cloudfare_ddos]

The initial discussion on Discord can be found here. I suspect this is Cloudflare DDoS blocking requests from servers with high traffic. In my case it was a GitHub Action server, but I believe some other servers might also be subject to this.

This issue will potentially become a blocker for users that rely on the public API running inside a deployed server elsewhere, especially as the APIs grow and are used by more and more people.

Please take a look into this. If a workaround is not possible, it should be noted somewhere for others to know about.

Thanks a lot team!

Expected Behavior

The public API allows requests from servers such as github action.

Steps To Reproduce

  1. Set up a GitHub Action
  2. Call any Monkeytype API endpoint in (1)
  3. Expect a 503 response

Environment

Github action

Anything else?

The GitHub Action I have basically does the equivalent of this in a unit test:

const response = await fetch(
    'https://api.monkeytype.com/users/personalBests?mode=time&mode2=30',
    {
        headers: {
            Authorization: 'ApeKey ...',
        },
    }
);

For completion, this is where the actual code is. The issue was initially reported in https://github.com/vnphanquang/monkeytype-readme/issues/1

vnphanquang, Apr 24 '22 02:04

@Bruception sorry to drag you into this. I talked about it on Discord a while back. Just want to let you know I made an issue here for reference.

vnphanquang, Apr 24 '22 02:04

I've checked the logs and tried allowing some IP addresses through the firewall. Try now.

Miodec, Apr 24 '22 10:04

@Miodec Thanks. Still no luck unfortunately. Have you tried lifting the firewall for the listed GitHub Action IPs? You can refer to these docs, which say a GET to https://api.github.com/meta returns a list of said IPs.

From my debugging, the IP of the server my particular action ran on was 20.242.116.228.

Hope that helps.

vnphanquang, Apr 24 '22 12:04

> From my debugging, the IP of the server my particular action ran on was 20.242.116.228.

Hmm, that address is not on the list https://api.github.com/meta

Miodec, Apr 24 '22 13:04

Yeah, I'm not sure either. But that IP is likely to change every time the GitHub Action runs. I used the @haythem/public-ip action to find the IP (which essentially queries https://api.ipify.org). I would just stick to the list from the GitHub API.

This Stack Overflow thread is relevant, if of any help.

vnphanquang, Apr 25 '22 02:04
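
The two comments above turn on whether a runner's address appears in the ranges GitHub publishes at https://api.github.com/meta. The following is an added example, not code from this thread or from Monkeytype, that checks an address against the `actions` CIDR list of that document; `SAMPLE_META`, its ranges and the function names are constructed for illustration.

```javascript
// Added example. SAMPLE_META is constructed (documentation-only ranges); the real
// list is the JSON returned by GET https://api.github.com/meta.
const SAMPLE_META = {
  actions: ['192.0.2.0/24', '198.51.100.128/25', '2001:db8:1234::/48'],
};

// Parse an IPv4 or IPv6 literal into { bits, value }, or null if malformed.
function parseIp(text) {
  if (text.includes(':')) {
    const halves = text.split('::');
    if (halves.length > 2) return null;
    const head = halves[0] ? halves[0].split(':') : [];
    const tail = halves[1] ? halves[1].split(':') : [];
    const missing = 8 - head.length - tail.length;
    if (halves.length === 1 ? missing !== 0 : missing < 1) return null;
    const zeros = Array(halves.length === 2 ? missing : 0).fill('0');
    const groups = [...head, ...zeros, ...tail];
    if (!groups.every((g) => /^[0-9a-f]{1,4}$/i.test(g))) return null;
    const value = groups.reduce((acc, g) => (acc << 16n) | BigInt(parseInt(g, 16)), 0n);
    return { bits: 128, value };
  }
  const octets = text.split('.');
  const valid = octets.length === 4 && octets.every((o) => /^\d{1,3}$/.test(o) && Number(o) <= 255);
  if (!valid) return null;
  return { bits: 32, value: octets.reduce((acc, o) => (acc << 8n) | BigInt(o), 0n) };
}

// True when `ip` lies inside `cidr`; mixed address families never match.
function inCidr(ip, cidr) {
  const [base, prefixText = ''] = cidr.split('/');
  const addr = parseIp(ip);
  const net = parseIp(base);
  if (!addr || !net || addr.bits !== net.bits || !/^\d+$/.test(prefixText)) return false;
  const prefix = Number(prefixText);
  if (prefix > net.bits) return false;
  const shift = BigInt(net.bits - prefix);
  return addr.value >> shift === net.value >> shift;
}

// Ranges under meta[key] that cover `ip`; an empty array means an allow-list
// built from that key would not admit this address.
function matchingRanges(meta, ip, key = 'actions') {
  return (meta[key] || []).filter((cidr) => inCidr(ip, cidr));
}
```

An empty result for an observed runner address means a firewall rule generated from that list would still reject the request.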

Try now

Miodec, Apr 25 '22 15:04

@Miodec thanks. I tried a couple of times just now, still failing though...

vnphanquang, Apr 25 '22 15:04

What's the exact request that you're making? Can you check if GET https://api.monkeytype.com/ also gets blocked?

Miodec, Apr 25 '22 17:04

GET https://api.monkeytype.com/ is okay. The exact request is https://api.monkeytype.com/users/personalBests?mode=time&mode2=30

vnphanquang, Apr 25 '22 23:04

Maybe it's getting blocked because you've only been testing on that one endpoint? How long has it been since you last tried? Can you try again? Can you try the personal bests endpoint?

Miodec, Apr 28 '22 10:04

@vnphanquang Can you test again?

Miodec, Aug 26 '22 20:08

> Maybe it's getting blocked because you've only been testing on that one endpoint? How long has it been since you last tried? Can you try again? Can you try the personal bests endpoint?

Oh no, sincere apologies, I missed the notification for this.

> @vnphanquang Can you test again?

Just tested, it works again. Thanks a lot @Miodec!

vnphanquang, Aug 26 '22 23:08